MapGuide Open Source:  Home |  Download |  Internals

Ticket #367 (closed defect: fixed)

Opened 9 months ago

Last modified 9 months ago

Security: GetFdoCachInfo exposes plain text passwords alongside user Ids

Reported by: stevedang Assigned to: stevedang
Priority: medium Milestone: 2.0
Component: Server Version: 2.0.0
Severity: major Keywords:
Cc: External ID: 1010319

Description

Using the Web Tier test pages the GetFdoCachInfo? page exposes plain test passwords alongside their corresponding user id for database connections. For security reasons we should remove the password from the results.

Change History

12/07/07 18:54:18 changed by stevedang

  • status changed from new to assigned.

12/10/07 15:24:39 changed by stevedang

  • status changed from assigned to closed.
  • resolution set to fixed.

Fixed by submission <http://trac.osgeo.org/mapguide/changeset/2573>